CN105207970B - Authentication method, safety certification middleware and cloud computing resource pool based on public cloud - Google Patents
Authentication method, safety certification middleware and cloud computing resource pool based on public cloud Download PDFInfo
- Publication number
- CN105207970B CN105207970B CN201410262163.7A CN201410262163A CN105207970B CN 105207970 B CN105207970 B CN 105207970B CN 201410262163 A CN201410262163 A CN 201410262163A CN 105207970 B CN105207970 B CN 105207970B
- Authority
- CN
- China
- Prior art keywords
- certification
- authentication
- cloud computing
- resource pool
- computing resource
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Abstract
The invention discloses a kind of authentication methods based on public cloud, are applied in safety certification middleware, the described method comprises the following steps: receiving the certification request of user terminal, obtain the authentication business in the certification request;The inquiry instruction of the certification policy of the corresponding authentication business is sent to cloud computing resource pool;When cloud computing resource pool inquires corresponding certification policy, the information for the prompt input password corresponding with the certification policy that the cloud computing resource pool is sent is received, the information of the prompt input password is sent to the user terminal;The input password that the user terminal is sent is received, the input password is sent to certificate server and is authenticated.Authentication method, safety certification middleware and cloud computing resource pool the invention also discloses another kind based on public cloud.The present invention can be realized the safety certification under cloud computing environment, and Security Authentication Service is relatively abundant.
Description
Technical field
The present invention relates to authentication techniques field under publicly-owned environment more particularly to a kind of authentication methods based on public cloud, peace
Full certification middleware and cloud computing resource pool.
Background technique
Cloud computing (cloud computing) is the increase, use and delivery mode of related service Internet-based, is led to
Often it is related to providing the resource of dynamic easily extension and often virtualization by internet.Since cloud computing is related to personal and enterprise
Operation mode, and be related to personal and enterprise sensitive information, therefore leaving concentratedly for information is easy to cause safety problem.
Traditional secure authentication technology includes static password certification, dynamic cipher verification, smart card authentication etc..Existing
Under technical conditions, each secure authentication technology is integrated in a kind of safety certificate equipment, such authentication for
It is undoubtedly too single, it is difficult to which that the safety adapted under cloud computing environment is recognized for the business that personal or enterprise becomes increasingly complex
The demand of card.
Above content is only used to facilitate the understanding of the technical scheme, and is not represented and is recognized that above content is existing skill
Art.
Summary of the invention
The safety certification being difficult to adapt under cloud computing environment it is a primary object of the present invention to solve existing safety certification
The technical issues of.
To achieve the above object, the present invention provides a kind of authentication method based on public cloud, is applied among safety certification
In part, the authentication method based on public cloud the following steps are included:
The certification request for receiving user terminal, obtains the authentication business in the certification request;
The inquiry instruction of the certification policy of the corresponding authentication business is sent to cloud computing resource pool;
When cloud computing resource pool inquires corresponding certification policy, receive that the cloud computing resource pool sends with it is described
The information of the prompt input password is sent to the user terminal by the information of the corresponding prompt input password of certification policy;
The input password that the user terminal is sent is received, the input password is sent to certificate server and is recognized
Card.
Preferably, the authentication business includes: static password authentication business, dynamic cipher verification business, USB Key certification
Business, smart card authentication business, digital certificate authentication business, biometric authentication business;
The authentication method based on public cloud further include: according to the authentication business in the safety certification middleware
Corresponding interface is extended, to be communicated by the interface with the cloud computing resource pool.
Preferably, further includes: receive the authentication result that the certificate server returns, and the authentication result is sent to
The user terminal.
In addition, to achieve the above object, the present invention also provides a kind of authentication methods based on public cloud, it is applied to cloud computing
In resource pool, the authentication method based on public cloud the following steps are included:
The inquiry instruction for receiving the certification policy for the corresponding authentication business of inquiry that safety certification middleware is sent, according to
The inquiry instruction inquires the resource in the cloud computing resource pool;
When inquiring corresponding certification policy, Xiang Suoshu safety certification middleware returns corresponding with the certification policy
The information of prompt input password.
Preferably, further includes: the certification policy of each authentication business is integrated, the certification policy after integration is added
Into the resource of the cloud computing resource pool.
In addition, to achieve the above object, the present invention also provides a kind of safety certification middleware, the safety certification middleware
Include:
It obtains module and obtains the authentication business in the certification request for receiving the certification request of user terminal;
Sending module, the inquiry instruction of the certification policy for sending the corresponding authentication business to cloud computing resource pool;
First receiving module, for receiving the cloud computing when cloud computing resource pool inquires corresponding certification policy
The information for the prompt input password corresponding with the certification policy that resource pool is sent, the information of the prompt input password is sent out
Give the user terminal;
Second receiving module, the input password sent for receiving the user terminal, the input password is sent to
Certificate server is authenticated.
Preferably, the authentication business includes: static password authentication business, dynamic cipher verification business, USB Key certification
Business, smart card authentication business, digital certificate authentication business, biometric authentication business;
The safety certification middleware further include: expansion module is used for according to the authentication business in the safety certification
Corresponding interface is extended in middleware, to be communicated by the interface with the cloud computing resource pool.
Preferably, the safety certification middleware further include: third receiving module is returned for receiving the certificate server
The authentication result returned, and the authentication result is sent to the user terminal.
In addition, to achieve the above object, the present invention also provides a kind of cloud computing resource pool, the cloud computing resource pool packet
It includes:
Enquiry module, the certification policy of the corresponding authentication business of inquiry for receiving the transmission of safety certification middleware
Inquiry instruction inquires the resource in the cloud computing resource pool according to the inquiry instruction;
Return module, for when inquiring corresponding certification policy, Xiang Suoshu safety certification middleware return with it is described
The information of the corresponding prompt input password of certification policy.
Preferably, the cloud computing resource pool further include:
Adding module is integrated for the certification policy to each authentication business, and the certification policy after integration is added
Into the resource of the cloud computing resource pool.
A kind of authentication method based on public cloud of the present invention, safety certification middleware and cloud computing resource pool, safety is recognized
Card is mutually tied with safety certification middleware and cloud computing resource pool, using the cloud security authentication center of the prior art as cloud computing resources
The a part in pond does not need cloud security authentication center and provides corresponding database or management portal etc., but by safety
It authenticates middleware and corresponding interface is extended according to different authentication business, communicated by the interface with cloud computing resource pool, in cloud
In computing resource pool, safety certification is also open to user as the resource of service, realizes the safety certification under cloud computing environment,
For the business that personal or enterprise becomes increasingly complex, it is capable of providing various Security Authentication Services abundant.
Detailed description of the invention
Fig. 1 is that the present invention is based on the flow diagrams of the authentication method first embodiment of public cloud;
The schematic diagram of Fig. 2 interaction between cloud computing resource pool shown in FIG. 1, cloud computing resource pool and user terminal;
Fig. 3 is that the present invention is based on the flow diagrams of the authentication method second embodiment of public cloud;
Fig. 4 is that the present invention is based on the flow diagrams of the authentication method 3rd embodiment of public cloud;
Fig. 5 is that the present invention is based on the flow diagrams of the authentication method fourth embodiment of public cloud;
Fig. 6 is that the present invention is based on the flow diagrams of the 5th embodiment of authentication method of public cloud;
Fig. 7 is the functional block diagram of one embodiment of safety certification middleware of the present invention;
Fig. 8 is the functional block diagram of one embodiment of cloud computing resource pool of the present invention.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
The present invention provides a kind of authentication method based on public cloud, is applied in safety certification middleware, referring to Fig.1,
In one embodiment, being somebody's turn to do the authentication method based on public cloud includes:
Step S101 receives the certification request of user terminal, obtains the authentication business in the certification request;
Wherein, middleware is that a kind of independent system software or service routine, Distributed Application software exist by middleware
Shared resource between different technologies.System for being connected even if the two has different interfaces, but remains to pass through centre
Part is exchanged with each other information.
In the present embodiment, safety certification middleware is used in the safety certification of the present embodiment.In conjunction with referring to Fig.2, different
The authentication business that has of user it is not identical, safety certification middleware is communicated from different user terminals, receives different use
The certification request that family terminal is sent.
It wherein, include the requested authentication business of user in certification request, safety certification middleware is receiving certification request
Afterwards, the authentication business that user can be obtained according to certification request such as can be static password authentication business, dynamic cipher verification industry
Business or USB Key authentication business etc..
Step S102 sends the inquiry instruction of the certification policy of the corresponding authentication business to cloud computing resource pool;
In the present embodiment, corresponding interface is extended in safety certification middleware according to different authentication business, so that safety
Middleware is authenticated after the authentication business for obtaining user, can be sent to the inquiry instruction of authentication business by corresponding interface
Cloud computing resource pool.
In the present embodiment, certification policy is the sub-fraction of the resource in cloud computing resource pool, is specially and certification
The corresponding authentication method of business, such as static password certification authentication method or static password certification authentication method.
Step S103 receives the cloud computing resource pool hair when cloud computing resource pool inquires corresponding certification policy
The information of the prompt input password is sent to described by the information of the prompt input password corresponding with the certification policy sent
User terminal;
Correlation table needed for increasing different authentication business safety certifications in the present embodiment, in cloud computing resource pool in advance,
Relevant page etc., obtains the certification policy of different authentication business, and the resource integrated as cloud computing resource pool.
In the present embodiment, after cloud computing resource pool receives inquiry instruction, certification policy corresponding with authentication business is inquired.
When inquiring corresponding certification policy, cloud computing resource pool sends the information of prompt input password corresponding with certification policy
Safety certification middleware is given, and user terminal is transmitted to by the information that safety certification middleware will be prompted to input password.
For example, user terminal needs to carry out dynamic cipher verification, then cloud computing resource pool inquires dynamic cipher verification
When certification policy, the prompt information of the dynamic password inputted is needed to be sent to safety certification middleware dynamic cipher verification.
Step S104 receives the input password that the user terminal is sent, the input password is sent to authentication service
Device is authenticated.
Wherein, after the information that safety certification middleware will be prompted to input password is transmitted to user terminal, user is according to this
Information input one inputs password, and the input password of input is sent to safety certification middleware, will by safety certification middleware
Input password is sent to certificate server and is authenticated.
Compared with prior art, the present embodiment mutually ties safety certification and safety certification middleware and cloud computing resource pool,
Using the cloud security authentication center of the prior art as a part of cloud computing resource pool, the offer pair of cloud security authentication center is not needed
Database for answering or management portal etc., but increase in the database of cloud computing resource pool safety certification correlation table,
Increase the related pages of safety certification in the management portal of cloud computing resource pool, that is to say, that safety certification is also as the money serviced
Source is open to user, for the business that personal or enterprise becomes increasingly complex, is capable of providing various safety certifications abundant
Service.
In addition, in the present embodiment, safety certification middleware can shield the safety certificate equipment of safety certification manufacturer
Difference makes user in face of being a kind of specific Security Authentication Service rather than many and diverse safety certificate equipment;Among safety certification
Part can also increase the quantity of service of safety certification by the interface of the safety certificate equipment of extension different vendor, can
Security Authentication Service abundant is provided, the safety certification demand of multiplicity of subscriber is met.
In a preferred embodiment, as shown in figure 3, the present embodiment also wraps on the basis of the embodiment of above-mentioned Fig. 1
It includes:
Step S100 extends corresponding interface in the safety certification middleware according to the authentication business, to pass through
The interface is communicated with the cloud computing resource pool, wherein authentication business include: static password authentication business, dynamic it is close
Code authentication business, USB Key authentication business, smart card authentication business, digital certificate authentication business, biometric authentication business.
The step S100 of the present embodiment can be located at before step S101 or between step S101 and step S102.
In the present embodiment, due to extending corresponding interface in safety certification middleware according to authentication business, peace
Full certification middleware supports unified communication mode and message structure when carrying out safety certification, additionally it is possible to shield different safety and recognize
Demonstrate,prove the difference of the secure authentication capability of device manufacturer.When needing to be supported a new secure authentication capability, recognize safely
Corresponding stand-alone interface is provided as long as demonstrate,proving middleware and being based on the secure authentication capability, so that it may using unified communication mode and be disappeared
Breath structure is interacted with cloud computing resource pool, and carries out the addition of the secure authentication capability i.e. in management portal by administrator
It can.
In a preferred embodiment, as shown in figure 4, the present embodiment also wraps on the basis of the embodiment of above-mentioned Fig. 1
It includes:
Step S105 receives the authentication result that the certificate server returns, and the authentication result is sent to described
User terminal.
In the present embodiment, certificate server receive safety certification middleware send input password, by the input password with
The password being pre-stored in certificate server is matched, and when successful match, the authentication result of successful match is sent to safety
Middleware is authenticated, safety certification middleware sends it to user terminal again and shown.If matching is unsuccessful, authentication service
The authentication result that it fails to match is also sent to certificate server by device, and safety certification middleware sends it to user terminal again.
Authentication method the present invention also provides another kind based on public cloud is applied in cloud computing resource pool, reference Fig. 5,
In one embodiment, being somebody's turn to do the authentication method based on public cloud includes:
Step S201 receives the inquiry of the certification policy for the corresponding authentication business of inquiry that safety certification middleware is sent
Instruction, inquires the resource in the cloud computing resource pool according to the inquiry instruction;
In the present embodiment, cloud computing resource pool receives the inquiry instruction of safety certification middleware, and certification policy is in cloud meter
The sub-fraction of the resource in resource pool is calculated, is specially authentication method corresponding with authentication business, as static password authenticates
Authentication method or the authentication method etc. of static password certification.
Correlation table needed for increasing different authentication business safety certifications in the present embodiment, in cloud computing resource pool in advance,
Relevant page etc., obtains the certification policy of different authentication business, and the resource integrated as cloud computing resource pool.
In the present embodiment, after cloud computing resource pool receives inquiry instruction, certification policy corresponding with authentication business is inquired.
Step S202, when inquiring corresponding certification policy, Xiang Suoshu safety certification middleware is returned and the certification
The information of the corresponding prompt input password of strategy.
When inquiring corresponding certification policy, prompt corresponding with certification policy is inputted password by cloud computing resource pool
Information is sent to safety certification middleware, is transmitted to user's end with the information that will be prompted to input password by safety certification middleware
End.
For example, user terminal needs to carry out dynamic cipher verification, then cloud computing resource pool inquires dynamic cipher verification
When certification policy, the prompt information of the dynamic password inputted is needed to be sent to safety certification middleware dynamic cipher verification.
In a preferred embodiment, as shown in fig. 6, the present embodiment also wraps on the basis of the embodiment of above-mentioned Fig. 5
It includes:
Step S200 integrates the certification policy of each authentication business, and the certification policy after integration is added to institute
It states in the resource of cloud computing resource pool.
In the present embodiment, correlation needed for increasing different authentication business safety certifications in cloud computing resource pool in advance
Table, relevant page etc., obtain the certification policy of different authentication business, and are integrated and be added to cloud computing resource pool
Resource.
The present invention also provides another safety certification middlewares, referring to Fig. 7, in one embodiment, among the safety certification
Part includes:
It obtains module 101 and obtains the authentication business in the certification request for receiving the certification request of user terminal;
Wherein, middleware is that a kind of independent system software or service routine, Distributed Application software exist by middleware
Shared resource between different technologies.System for being connected even if the two has different interfaces, but remains to pass through centre
Part is exchanged with each other information.
In the present embodiment, safety certification middleware is used in the safety certification of the present embodiment.In conjunction with referring to Fig.2, different
The authentication business that has of user it is not identical, safety certification middleware is communicated from different user terminals, receives different use
The certification request that family terminal is sent.
It wherein, include the requested authentication business of user in certification request, safety certification middleware is receiving certification request
Afterwards, the authentication business that user can be obtained according to certification request such as can be static password authentication business, dynamic cipher verification industry
Business or USB Key authentication business etc..
Sending module 102 refers to for sending the inquiry of certification policy of the corresponding authentication business to cloud computing resource pool
It enables;
In the present embodiment, corresponding interface is extended in safety certification middleware according to different authentication business, so that safety
Middleware is authenticated after the authentication business for obtaining user, can be sent to the inquiry instruction of authentication business by corresponding interface
Cloud computing resource pool.
In the present embodiment, certification policy is the sub-fraction of the resource in cloud computing resource pool, is specially and certification
The corresponding authentication method of business, such as static password certification authentication method or static password certification authentication method.
First receiving module 103, for when cloud computing resource pool inquires corresponding certification policy, receiving the cloud meter
The information for calculating the prompt input password corresponding with the certification policy that resource pool is sent, by the information of the prompt input password
It is sent to the user terminal;
Correlation table needed for increasing different authentication business safety certifications in the present embodiment, in cloud computing resource pool in advance,
Relevant page etc., obtains the certification policy of different authentication business, and the resource integrated as cloud computing resource pool.
In the present embodiment, after cloud computing resource pool receives inquiry instruction, certification policy corresponding with authentication business is inquired.
When inquiring corresponding certification policy, cloud computing resource pool sends the information of prompt input password corresponding with certification policy
Safety certification middleware is given, and user terminal is transmitted to by the information that safety certification middleware will be prompted to input password.
For example, user terminal needs to carry out dynamic cipher verification, then cloud computing resource pool inquires dynamic cipher verification
When certification policy, the prompt information of the dynamic password inputted is needed to be sent to safety certification middleware dynamic cipher verification.
Second receiving module 104, the input password sent for receiving the user terminal, the input password is sent
It is authenticated to certificate server.
Wherein, after the information that safety certification middleware will be prompted to input password is transmitted to user terminal, user is according to this
Information input one inputs password, and the input password of input is sent to safety certification middleware, will by safety certification middleware
Input password is sent to certificate server and is authenticated.
In a preferred embodiment, on the basis of the embodiment of above-mentioned Fig. 7, safety certification middleware further include: expand
Module is opened up, for extending corresponding interface in the safety certification middleware according to the authentication business, to connect by described
Mouth is communicated with the cloud computing resource pool.
Wherein, authentication business include: static password authentication business, dynamic cipher verification business, USB Key authentication business,
Smart card authentication business, digital certificate authentication business, biometric authentication business.
In the present embodiment, due to extending corresponding interface in safety certification middleware according to authentication business, peace
Full certification middleware supports unified communication mode and message structure when carrying out safety certification, additionally it is possible to shield different safety and recognize
Demonstrate,prove the difference of the secure authentication capability of device manufacturer.When needing to be supported a new secure authentication capability, recognize safely
Corresponding stand-alone interface is provided as long as demonstrate,proving middleware and being based on the secure authentication capability, so that it may using unified communication mode and be disappeared
Breath structure is interacted with cloud computing resource pool, and carries out the addition of the secure authentication capability i.e. in management portal by administrator
It can.
In a preferred embodiment, on the basis of the embodiment of above-mentioned Fig. 7, safety certification middleware further include: the
Three receiving modules, the authentication result returned for receiving the certificate server, and the authentication result is sent to the use
Family terminal.
In the present embodiment, certificate server receive safety certification middleware send input password, by the input password with
The password being pre-stored in certificate server is matched, and when successful match, the authentication result of successful match is sent to safety
Middleware is authenticated, safety certification middleware sends it to user terminal again and shown.If matching is unsuccessful, authentication service
The authentication result that it fails to match is also sent to certificate server by device, and safety certification middleware sends it to user terminal again.
The present invention also provides a kind of cloud computing resource pools, and referring to Fig. 8, in one embodiment, which includes:
Enquiry module 201, the certification plan of the corresponding authentication business of inquiry for receiving the transmission of safety certification middleware
Inquiry instruction slightly, inquires the resource in the cloud computing resource pool according to the inquiry instruction;
In the present embodiment, cloud computing resource pool receives the inquiry instruction of safety certification middleware, and certification policy is in cloud meter
The sub-fraction of the resource in resource pool is calculated, is specially authentication method corresponding with authentication business, as static password authenticates
Authentication method or the authentication method etc. of static password certification.
Correlation table needed for increasing different authentication business safety certifications in the present embodiment, in cloud computing resource pool in advance,
Relevant page etc., obtains the certification policy of different authentication business, and the resource integrated as cloud computing resource pool.
In the present embodiment, after cloud computing resource pool receives inquiry instruction, certification policy corresponding with authentication business is inquired.
Return module 202, for when inquiring corresponding certification policy, Xiang Suoshu safety certification middleware returns and institute
State the information of the corresponding prompt input password of certification policy.
When inquiring corresponding certification policy, prompt corresponding with certification policy is inputted password by cloud computing resource pool
Information is sent to safety certification middleware, is transmitted to user's end with the information that will be prompted to input password by safety certification middleware
End.
For example, user terminal needs to carry out dynamic cipher verification, then cloud computing resource pool inquires dynamic cipher verification
When certification policy, the prompt information of the dynamic password inputted is needed to be sent to safety certification middleware dynamic cipher verification.
In a preferred embodiment, on the basis of the embodiment of above-mentioned Fig. 8, cloud computing resource pool further include: addition
Module is integrated for the certification policy to each authentication business, and the certification policy after integration is added to the cloud computing
In the resource of resource pool.
In the present embodiment, correlation needed for increasing different authentication business safety certifications in cloud computing resource pool in advance
Table, relevant page etc., obtain the certification policy of different authentication business, and are integrated and be added to cloud computing resource pool
Resource.
The above is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (8)
1. a kind of authentication method based on public cloud is applied in safety certification middleware, which is characterized in that described based on publicly-owned
The authentication method of cloud the following steps are included:
The certification request for receiving user terminal, obtains the authentication business in the certification request;
The inquiry instruction of the certification policy of the corresponding authentication business is sent to cloud computing resource pool;
When cloud computing resource pool inquires corresponding certification policy, it is sending with the certification to receive the cloud computing resource pool
The information of the prompt input password is sent to the user terminal by the information of the corresponding prompt input password of strategy;
The input password that the user terminal is sent is received, the input password is sent to certificate server and is authenticated;
By extending corresponding interface according to the different authentication business in the safety certification middleware, pass through the interface
It is communicated with the cloud computing resource pool.
2. as described in claim 1 based on the authentication method of public cloud, which is characterized in that the authentication business includes: static state
Cipher authentication business, dynamic cipher verification business, USBKey authentication business, smart card authentication business, digital certificate authentication business,
Biometric authentication business;
The authentication method based on public cloud further include: extended in the safety certification middleware according to the authentication business
Corresponding interface, to be communicated by the interface with the cloud computing resource pool.
3. as claimed in claim 1 or 2 based on the authentication method of public cloud, which is characterized in that the recognizing based on public cloud
Card method further include: receive the authentication result that the certificate server returns, and the authentication result is sent to the user
Terminal.
4. a kind of authentication method based on public cloud is applied in cloud computing resource pool, which is characterized in that described to be based on public cloud
Authentication method the following steps are included:
The inquiry instruction for receiving the certification policy for the corresponding authentication business of inquiry that safety certification middleware is sent, according to the inquiry
The resource in the cloud computing resource pool is inquired in instruction;
When inquiring corresponding certification policy, Xiang Suoshu safety certification middleware returns to prompt corresponding with the certification policy
Input the information of password;
The certification policy of each authentication business is integrated, the certification policy after integration is added to the cloud computing resource pool
Resource in;
By extending corresponding interface according to the different authentication business in the safety certification middleware, pass through the interface
It is communicated with the cloud computing resource pool.
5. a kind of safety certification middleware, which is characterized in that the safety certification middleware includes:
It obtains module and obtains the authentication business in the certification request for receiving the certification request of user terminal;
Sending module, the inquiry instruction of the certification policy for sending the corresponding authentication business to cloud computing resource pool;
First receiving module, for receiving the cloud computing resources when cloud computing resource pool inquires corresponding certification policy
The information for the prompt input password corresponding with the certification policy that pond is sent, the information of the prompt input password is sent to
The user terminal;
Second receiving module, the input password sent for receiving the user terminal, is sent to certification for the input password
Server is authenticated;
Wherein, by extending corresponding interface according to the different authentication business in the safety certification middleware, pass through institute
Interface is stated to communicate with the cloud computing resource pool.
6. safety certification middleware as claimed in claim 5, which is characterized in that the authentication business includes: that static password is recognized
Card business, dynamic cipher verification business, USBKey authentication business, smart card authentication business, digital certificate authentication business, biology are known
Other authentication business;
The safety certification middleware further include: expansion module is used for according to the authentication business among the safety certification
Corresponding interface is extended in part, to be communicated by the interface with the cloud computing resource pool.
7. such as safety certification middleware described in claim 5 or 6, which is characterized in that the safety certification middleware further include:
Third receiving module, the authentication result returned for receiving the certificate server, and the authentication result is sent to described
User terminal.
8. a kind of cloud computing resource pool, which is characterized in that the cloud computing resource pool includes:
The inquiry of enquiry module, the certification policy of the corresponding authentication business of inquiry for receiving the transmission of safety certification middleware refers to
It enables, the resource in the cloud computing resource pool is inquired according to the inquiry instruction;
Return module, for when inquiring corresponding certification policy, Xiang Suoshu safety certification middleware to be returned and the certification
The information of the corresponding prompt input password of strategy;
Adding module is integrated for the certification policy to each authentication business, and the certification policy after integration is added to institute
It states in the resource of cloud computing resource pool;
Wherein, by extending corresponding interface according to the different authentication business in the safety certification middleware, pass through institute
Interface is stated to communicate with the cloud computing resource pool.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410262163.7A CN105207970B (en) | 2014-06-12 | 2014-06-12 | Authentication method, safety certification middleware and cloud computing resource pool based on public cloud |
| PCT/CN2014/089596 WO2015188568A1 (en) | 2014-06-12 | 2014-10-27 | Public cloud-based authentication method, security authentication middleware and cloud computing resource pool |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410262163.7A CN105207970B (en) | 2014-06-12 | 2014-06-12 | Authentication method, safety certification middleware and cloud computing resource pool based on public cloud |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105207970A CN105207970A (en) | 2015-12-30 |
| CN105207970B true CN105207970B (en) | 2019-09-27 |
Family
ID=54832833
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410262163.7A Active CN105207970B (en) | 2014-06-12 | 2014-06-12 | Authentication method, safety certification middleware and cloud computing resource pool based on public cloud |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105207970B (en) |
| WO (1) | WO2015188568A1 (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105208012A (en) * | 2015-08-31 | 2015-12-30 | 武汉云通英飞科技有限公司 | Cloud computing-based cloud authentication method and system |
| CN106411941B (en) * | 2016-11-24 | 2019-05-07 | 济南浪潮高新科技投资发展有限公司 | Safety certification resource allocation and management method under a kind of cloud environment |
| CN108345801B (en) * | 2018-02-09 | 2021-09-28 | 南京邮电大学 | Ciphertext database-oriented middleware dynamic user authentication method and system |
| CN109547217B (en) * | 2019-01-11 | 2021-10-22 | 北京中实信达科技有限公司 | One-to-many identity authentication system and method based on dynamic password |
| CN113992740B (en) * | 2021-10-26 | 2024-03-22 | 超越科技股份有限公司 | Middleware based on autonomous control and data transmission method |
| CN114070592A (en) * | 2021-11-09 | 2022-02-18 | 乐美科技股份私人有限公司 | Resource downloading method, device, terminal and server |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102045353A (en) * | 2010-12-13 | 2011-05-04 | 北京交通大学 | Distributed network security control method of public cloud service |
| CN102185864A (en) * | 2011-05-13 | 2011-09-14 | 北京星网锐捷网络技术有限公司 | Security authentication strategy configuration method, device and system |
| CN102647432A (en) * | 2012-05-17 | 2012-08-22 | 湖南神州祥网科技有限公司 | Authentication information transmission method, device and authentication middleware |
| CN102681899A (en) * | 2011-03-14 | 2012-09-19 | 金剑 | Virtual computing resource dynamic management system of cloud computing service platform |
| CN202455386U (en) * | 2011-12-13 | 2012-09-26 | 杭州晟元芯片技术有限公司 | Safety system for cloud storage |
| CN102752319A (en) * | 2012-07-31 | 2012-10-24 | 广州市品高软件开发有限公司 | Cloud computing secure access method, device and system |
| CN103095720A (en) * | 2013-01-30 | 2013-05-08 | 中国科学院自动化研究所 | Safety management method of cloud memory system based on session management server |
| CN103428298A (en) * | 2013-08-30 | 2013-12-04 | 华南理工大学 | Multi-party e-mail attachment sharing management method based on Cloud storage |
| CN103780584A (en) * | 2012-10-22 | 2014-05-07 | 上海俊悦智能科技有限公司 | Cloud computing-based identity authentication fusion method |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120072972A1 (en) * | 2010-09-20 | 2012-03-22 | Microsoft Corporation | Secondary credentials for batch system |
| WO2013179383A1 (en) * | 2012-05-29 | 2013-12-05 | 株式会社日立システムズ | Cloud security management system |
| US20140123028A1 (en) * | 2012-10-27 | 2014-05-01 | Kiran Kamity | Comprehensive multimedia management platform |
| CN103023986B (en) * | 2012-11-27 | 2016-01-13 | 中国电信股份有限公司 | A kind of system and method providing RDBMS to serve to multi-user |
| CN103401688A (en) * | 2013-08-09 | 2013-11-20 | 中国人民解放军理工大学 | Message-oriented middleware transmission integration system based on Eucalyptus cloud platform |
-
2014
- 2014-06-12 CN CN201410262163.7A patent/CN105207970B/en active Active
- 2014-10-27 WO PCT/CN2014/089596 patent/WO2015188568A1/en active Application Filing
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102045353A (en) * | 2010-12-13 | 2011-05-04 | 北京交通大学 | Distributed network security control method of public cloud service |
| CN102681899A (en) * | 2011-03-14 | 2012-09-19 | 金剑 | Virtual computing resource dynamic management system of cloud computing service platform |
| CN102185864A (en) * | 2011-05-13 | 2011-09-14 | 北京星网锐捷网络技术有限公司 | Security authentication strategy configuration method, device and system |
| CN202455386U (en) * | 2011-12-13 | 2012-09-26 | 杭州晟元芯片技术有限公司 | Safety system for cloud storage |
| CN102647432A (en) * | 2012-05-17 | 2012-08-22 | 湖南神州祥网科技有限公司 | Authentication information transmission method, device and authentication middleware |
| CN102752319A (en) * | 2012-07-31 | 2012-10-24 | 广州市品高软件开发有限公司 | Cloud computing secure access method, device and system |
| CN103780584A (en) * | 2012-10-22 | 2014-05-07 | 上海俊悦智能科技有限公司 | Cloud computing-based identity authentication fusion method |
| CN103095720A (en) * | 2013-01-30 | 2013-05-08 | 中国科学院自动化研究所 | Safety management method of cloud memory system based on session management server |
| CN103428298A (en) * | 2013-08-30 | 2013-12-04 | 华南理工大学 | Multi-party e-mail attachment sharing management method based on Cloud storage |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105207970A (en) | 2015-12-30 |
| WO2015188568A1 (en) | 2015-12-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105207970B (en) | Authentication method, safety certification middleware and cloud computing resource pool based on public cloud | |
| US11122030B2 (en) | Methods, systems, devices, and products for web services | |
| CN102457507B (en) | Cloud computing resources secure sharing method, Apparatus and system | |
| CN101183932B (en) | Security identification system of wireless application service and login and entry method thereof | |
| US9053306B2 (en) | Authentication system, authentication server, service providing server, authentication method, and computer-readable recording medium | |
| CN104994064B (en) | A kind of authorization and authentication method and system based on client plug-in | |
| CN106850201B (en) | Intelligent terminal multiple-factor authentication method, intelligent terminal, certificate server and system | |
| JP5739008B2 (en) | Method, apparatus, and system for verifying a communication session | |
| CN102821085A (en) | Third party authorization login method, open platform and system | |
| CN101562621A (en) | User authorization method and system and device thereof | |
| WO2011110539A9 (en) | System and method for using a portable security device to cryptographically sign a document in response to signature requests from a relying party to a digital signature service | |
| CN107294916A (en) | Single-point logging method, single-sign-on terminal and single-node login system | |
| CN109802835A (en) | A kind of safety certifying method, system and API gateway | |
| CN106357699A (en) | Network system, service platform and login method and system of service platform | |
| KR20220019834A (en) | Method and system for authenticating transmission of secure credentials to a device | |
| CN105162774B (en) | Virtual machine entry method, the virtual machine entry method and device for terminal | |
| CN103870727B (en) | A kind of method and system for being managed collectively authority | |
| CN103095666B (en) | Third-party application processing method and device | |
| CN103986734A (en) | Authentication management method and authentication management system applicable to high-security service system | |
| CN110069909A (en) | It is a kind of to exempt from the close method and device for logging in third party system | |
| CN103368831B (en) | A kind of anonymous instant communicating system identified based on frequent visitor | |
| Ferdous et al. | Managing dynamic identity federations using security assertion markup language | |
| CN105306577A (en) | Data sharing system and method between handheld devices based on APP | |
| CN105743651B (en) | The card in chip secure domain is using method, apparatus and application terminal | |
| CN109699015A (en) | Binding machine and card relationship authentication method, device and communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20190826 Address after: Yuhuatai District of Nanjing City, Jiangsu province 210012 Bauhinia Road No. 68 Applicant after: Nanjing Zhongxing New Software Co., Ltd. Address before: 518057 Nanshan District Guangdong high tech Industrial Park, South Road, science and technology, ZTE building, Ministry of Justice Applicant before: ZTE Corporation |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |